Security B-Sides MSP 2016 Joe Petroske "Automating Malware Analysis for Proactive Detection"
Image files make great carrier channels for hidden messages. By simply replacing the least-significant bit of each pixel byte with some data, you wind up with an image file with an embedded hidden file. And the new image is indistinguishable from the original. So how could anyone ever detect this? With a little math and a little Powershell, you can get a good idea whether something else is lurking inside your favorite cat meme.
Slides can be found here: https://archive.org/details/2016BSidesMSPSlides